Introduction to Metasploit Penetration Testing Framework

1. Download and installation of Metasploit

Downloading and installing Metasploit is very simple. Installation packages are provided for each operating system, and you can follow the tutorials given on the official website: official website address

2. Architecture of Metasploit

[Figure: Metasploit framework diagram]

3. Introduction to each module of Metasploit

1. Auxiliary module

Introduction: This module mainly provides a large number of auxiliary tools for the information-gathering stage of a penetration test, including probing and scanning of various network services, setting up fake services to collect login passwords, password guessing and cracking, sniffing of sensitive information, and so on. It also includes some attack methods that do not require control of the target system, such as DDoS attacks.

2. Penetration attack module

Introduction: This module uses discovered security vulnerabilities and configuration weaknesses to attack a remote target system, implanting and running an attack payload in order to gain access to the target. According to the attack method, its code components are divided into active exploit modules and passive exploit modules. The vulnerabilities used by active exploits are mainly located in network server software and in the upper-layer applications carried by those services. The vulnerabilities used by passive exploits are mainly located in client software; the attacker induces a user to open a file or link containing malicious code, so that the target system is compromised passively.

3. Attack payload module

Introduction: The attack payload is a piece of implanted code that the target system is made to run after a successful exploit; in general it opens a control session on the target for the penetration tester. The attack payload module collects a large number of ready-made implant codes for specific targets, which reduces the tester's workload. Metasploit's attack payloads are divided into three categories: Singles, Stagers, and Stages. Singles are completely independent, self-contained payloads that can be implanted directly into the target system and executed. Where the payload size or operating conditions are limited, Metasploit instead provides stagers and stages. A stager is small, compact, easy to transmit and very reliable, so it can cope with harsh penetration conditions; the stage payload is then downloaded and executed through the stager. At that point the stage payload is no longer limited by size or by the security defense mechanisms.

4. Empty command module

Introduction: Null instructions (NOPs) are empty or irrelevant operations that do not affect the running of a program. To make the exploit component reliable and reduce the impact on the exploit code of memory address randomization, return-address deviation and similar factors, it is usually necessary to place a region of null instructions before the executed shellcode as a buffer.

5. Encoder module

Introduction: The encoder module encodes the assembled instruction sequence a given number of times so that the exploit instructions are not detected, blocked, or rendered non-functional. It has two main functions: 1> to ensure that certain "bad characters" do not appear in the attack payload, since these "bad characters" are likely to leave the carefully constructed exploit incomplete or unable to execute at all (for example, some characters are interpreted as the end of the file, so the part after them is lost); 2> to apply evasion ("anti-kill") processing to the attack payload, hiding its signature through encoding so as to avoid detection and inspection by intrusion detection systems (IDS) and intrusion prevention systems (IPS).

6. Post-penetration attack module

Introduction: Introduced in Metasploit v4, this module supports various post-exploitation actions on the controlled system after an exploit has obtained remote control of the target, such as collecting sensitive information, expanding further into the environment, and carrying out pivoting (springboard) attacks.
